SSL/5/SSL_CONNECT_FAIL: SSL failed to connect with peer. (FailReason = [FailReason], ErrorCode = [ErrorCode], AppCid = [AppCid], VerifyMode = [VerifyMode], TlsId = [TlsId], SockFd = [SockFd])
In VS mode, this log is supported only by the admin VS.
| Parameter Name | Parameter Meaning |
|---|---|
|
FailReason |
Authentication failure cause. The options are as follows: -·The·certificate·signature·used·the·DSA·or·ECDSA·algorithm,·but·the·signature·was·incorrect: The certificate signature uses the DSA or ECDSA algorithm, but the signature is incorrect. -·The·algorithm·in·the·server's·Hello·message·received·by·the·client·cannot·be·identified: The algorithm in the Hello message received by the client from the server cannot be identified. -·The·peer·end·sent·content·incorrectly: An error occurs when the peer end sends packets. -·The·content·in·the·extension·field·was·not·supported: The content in the extended field is not supported. |
|
ErrorCode |
Error code of an authentication failure |
|
AppCid |
Component ID |
|
VerifyMode |
Authentication mode |
|
TlsId |
SSL policy ID |
|
SockFd |
Socket handle |
Cause 1: The certificate signature used the DSA or ECDSA algorithm, but the signature was incorrect.
Cause 2: The algorithm in the server's Hello message received by the client cannot be identified.
Cause 3: The peer end sent content incorrectly.
Cause 4: The content in the extension field was not supported.
1. Perform different procedures for different causes.
Cause 1:
Check whether the certificate is normal and whether the signature is tampered with.
Cause 2:
Check whether the client supports the algorithm that the server chooses.
Cause 3:
Check whether the peer end sends correct content.
Cause 4:
This log message is informational only, and no action is required.
2. Collect log information and configuration information, and then contact technical support personnel.